MAC learning enables network connectivity for multiple MAC addresses behind a single vNIC. MAC learning is useful for distributing workloads in large OpenStack deployments.
MAC learning in VMware Integrated OpenStack is implemented differently for NSX-T Data Center and NSX Data Center for vSphere deployments.
- For NSX-T Data Center deployments, MAC learning in VMware Integrated OpenStack is provided by NSX-T Data Center MAC learning. For more information, see Understanding MAC Management Switching Profile in the NSX-T Administration Guide.
- For NSX Data Center for vSphere deployments, MAC learning in VMware Integrated OpenStack is implemented by enabling forged transmit and promiscuous mode. The guest must request promiscuous mode.
The following conditions apply to MAC learning:
- MAC learning is not compatible with port security or security groups.
- For NSX Data Center for vSphere deployments, performance will be affected because vNICs that request promiscuous mode receive a copy of every packet.
- For NSX Data Center for vSphere deployments, no RARP requests are generated for the multiple MAC addresses behind a single vNIC when a virtual machine is migrated with vMotion. This can result in a loss of connectivity.
- Log in to the Integrated OpenStack Manager as the
rootuser and open the toolbox.
ssh root@mgmt-server-ip toolbox
- Disable port security and security groups on the port where you want to configure MAC learning.
neutron port-update port-uuid --port-security-enabled false --no-security-groups
- Enable MAC learning on the port.
neutron port-update port-uuid --mac-learning-enabled true